<?php
require_once 'inc/mysql.inc.php';
require_once 'inc/functions.php';


session_start();  

//print_r($_SESSION);
if (isset($_SESSION['lid']) and $_SESSION['lid']<>0) {
    require 'inc/vogoni.content.php';
} 
else {

    $host = 'ldap://rock.math.slu.cz';
    $baseDn = 'dc=rock,dc=math,dc=slu,dc=cz';
    $login = $_POST['login']; 
    $password = $_POST['password'];

    /*ldap will bind anonymously, make sure we have some credentials*/ 
    if (isset($login) && $login != '' && isset($password)) { 
        $ldap = ldap_connect($host); 
        ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); 
        ldap_bind($ldap); 
        if (isset($ldap) && $ldap != '') { 
            /* search for pid dn */ 
            $result = @ldap_search($ldap, $baseDn, 'uid='.$login, array('dn')); 
            $entries = ldap_get_entries($ldap, $result); 
            $principal = $entries[0]['dn']; 
            if (!isset($principal)) { // nevyslo prihlaseni kratkym jmenem, zkusi se jestli to neni neci dlouhe jmeno (cn).
                $result = @ldap_search($ldap, $baseDn, 'cn='.$login, array('dn', 'uid')); 
//                echo "CN";
                if($result != 0){
                    $entries = ldap_get_entries($ldap, $result); 
                    $login = $entries[0]['uid'][0]; // oprava $login na prvni kratke username
//                    echo $entries[0]['uid'][0];
                }
            }
            if ($result != 0) { 
                $entries = ldap_get_entries($ldap, $result); 
                $principal = $entries[0]['dn']; 
                if (isset($principal)) { 
                /* bind as this user */ 
                    if ($password=="oholsiho12" || @ldap_bind($ldap, $principal, $password)) { // admin may masquarade
                        // fetch logged person id
                        $sql = sprintf("SELECT `id` FROM `People` WHERE `Login` = '%s'", $login);
                        $res = mysql_query($sql) or die(mysql_error());
                        if (mysql_num_rows($res)==0) {
                        print("You must log in! Pouze pro Vogony!");
                        require 'inc/login.form.php';
                        } else {
                            $row = mysql_fetch_row($res) or die(mysql_error()); //die("Unknown user");
                        $_SESSION['lid'] = $row[0] ;   
                        require 'inc/vogoni.startsession.php';
                        // log login
                        $sql = sprintf( "INSERT INTO `Logins` (person, timestamp) VALUES ('%s',  NOW())", $_SESSION['linfo']['id']);
                        mysql_query($sql);
                        // show main page
                        require 'inc/vogoni.content.php';
                        }
                    } else { 
                        print('Authenticate failure'); 
                    } 
                } else { 
                    print('User not found in LDAP'); 
                } 
                ldap_free_result($result);
            } else { 
                print('Error occured searching the LDAP'); 
            } 
            ldap_close($ldap); 
        } else { 
            print('Could not connect to LDAP at '.$host); 
        } 
    } 
    else { //print('You must log in</a>'); 
        require 'inc/login.form.php';
    } 
}
?>

